Differences between revisions 8 and 9
Revision 8 as of 2006-06-25 18:21:56
Size: 952
Editor: h47n2fls31o982
Comment:
Revision 9 as of 2006-06-28 08:29:30
Size: 951
Editor: h47n2fls31o982
Comment:
Deletions are marked like this. Additions are marked like this.
Line 14: Line 14:
[http://wiki.wireshark.org/Ventrilo?action=AttachFile&do=get&target=ExampleVP.pcap ExampleVP.pcap]: This file contains a capture of a Ventrilo se protocol, however the packets are encrypted. [http://wiki.wireshark.org/Ventrilo?action=AttachFile&do=get&target=ExampleVP.pcap ExampleVP.pcap]: This file contains a capture of the Ventrilo protocol, however the packets are encrypted.

Ventrilo Protocol

VP - The ventrilo protocol is the one used by Ventrilo to encrypt and decrypt VoIP chatting.

Protocol dependencies

  • ["TCP"]: Typically, VP uses ["TCP"] as its transport protocol. The TCP port for VP traffic is 3784 (Depending on server).

Example traffic

[http://pastebin.ca/71370 HERE] (Long text pasted on pastebin.ca)

Wireshark

The VP dissector is non-existing.

Example capture file

[http://wiki.wireshark.org/Ventrilo?action=AttachFile&do=get&target=ExampleVP.pcap ExampleVP.pcap]: This file contains a capture of the Ventrilo protocol, however the packets are encrypted.

See [http://aluigi.altervista.org/papers.htm#ventrilo Luigi's page] for decryption algorithm and [http://pastebin.ca/71370 this] for a decrypted capture.

Ventrilo (last edited 2008-05-20 02:53:18 by GuyHarris)